Loading, Please Wait...

CST: 12/11/2019 12:54:09   

ReversingLabs Titanium Platform Finds Destructive Objects Existing Security Investments Miss

104 Days ago

Seamless Integration into Third-Party Solutions and Platforms and New Capabilities Deliver Unprecedented Insight for Phishing, Email and Supply Chain Use Cases

CAMBRIDGE, Mass., July 31, 2019 (GLOBE NEWSWIRE) -- ReversingLabs, a leading provider of enterprise-scale file analysis, threat hunting, and malware intelligence solutions, today unveiled its Titanium Platform for detecting and responding to hidden threats existing security solutions miss. By integrating with existing enterprise security investments to dissect and analyze destructive objects—unwanted, vulnerable and malware-infected destructive files, emails, attachments, binaries, and third-party and open source code—ReversingLabs gives modern security teams the breadth and depth of visibility they need to seek out and remediate dangerous and complex threats. Citing its own research into real-world examples, ReversingLabs this week also details how its Titanium Platform can catch lateral movement in internal emails, stop ransomware from propagating via attachments and prevent credential theft as a result of phishing attempts. ReversingLabs will demonstrate its Titanium Platform at Black Hat, August 7-8 in Las Vegas at Booth # 600.

“Malware is everywhere in the enterprise and despite even the most advanced security solutions it routinely evades detection, lurking unknown within corporate infrastructures, and armed to destroy value. Evolving attack vectors and increasingly dangerous and often complex files and objects, combined with the exponential growth of web, mobile, IoT and API connectivity, demands continuous and integrated insight for security teams to effectively detect and remediate malware,” said Mario Vuksan, CEO and Co-founder, Reversing Labs. “Destructive object insights is the thread we can follow to provide the enterprise in-depth visibility across every associated malware file and object, location and threat at the speed, accuracy and scale needed for today’s security operations, IT, architecture and software development teams. With that kind of insight we can address the risks exposed by the gaps existing solutions miss.”

With the largest repository of malware and goodware in the industry of more than 8 billion files and objects, and the only vendor to speed analysis of files in milliseconds, ReversingLabs Titanium Platform provides complete visibility and insight into every destructive object, regardless of its size, complexity or type, in a manner that optimizes existing enterprise security investments in email, endpoint, SIEM, sandbox, threat intelligence, file share and package manager solutions. ReversingLabs integration with these solutions enables teams to seamlessly incorporate findings into established business processes across security, IT, architecture and DevOps teams. Insights obtained from the Titanium Platform enable security and threat hunting teams to achieve better risk visibility while reducing mean time to respond from minutes to seconds, and helps to automate malware and security operations, filling important skill gaps and reducing hours dedicated to time-consuming human malware analysis. ReversingLabs also simultaneously enables the safe migration of applications and data to the cloud, backup and restoration of data, and distribution of trusted third party code, the latter of which enables DevOps teams to accelerate the development, testing and release of applications in a frictionless but safe manner.

Phishing and Supply Chain Attacks Fuel Proliferation of Malware
Many of the largest and most damaging attacks stem from malware infections delivered by email, phishing campaigns and supply chain attacks, that, when successful, cause enormous disruption and damage. In fact, according to the 2019 Verizon Data Breach Investigation Report 92 percent of malware is still delivered by email and it remains the most common malware vector.

Phishing attacks remain a consistent delivery mechanism for fileless and file-based malware, constantly leveraging new techniques and objects types to evade traditional defenses. ReversingLabs new Exchange/Office365 AbuseBox solution and SMTP Connector identify hidden malware that existing email solutions miss, providing visibility into areas security analysts won’t otherwise see and helping to triage high priority phishing attacks. The new analysis component is deployed seamlessly to analyze any link that ReversingLabs static file decomposition finds within emails, documents, multimedia, archives and programs. It gives defenders a fighting chance by inspecting millions of emails, making the possibility of checking and stopping threats for every email message a reality. This new solution provides capabilities beyond existing email security gateways and email abuse box tools including:

  • Insights within attached content, supporting more than 3600 file formats including suspect encrypted PDFs with embedded URLs
  • Ability to decode files and scripts, and compare against a database of more than 8 billion elements
  • Deliver files and metadata to secure data lakes, which provide the ability to retro search and analyze local history as threat landscape evolves, and uncover attacker strategies, tactics and techniques in order to thwart future attacks
  • Ability to apply Advanced Search which enables more efficient and effective searching across an archived file history, allowing analysts to traverse large metadata sample sets quickly, and pivot if necessary, leading to faster detection and thereby reducing impact from attacks and targeted campaigns

New reports from ReversingLabs demonstrate updated capabilities specific to email, providing deep dive, real-world examples of how its Titanium Platform can catch lateral movement in internal emails, stop ransomware from propagating and prevent credential theft by applying updated intelligence across data lake of local samples, retro-searching for key file metadata to expose breadth of attacks, and performing advanced search to pivot across the user base to determine those impacted by attacks.

Recent research from ReversingLabs also reveals insights to evolving supply chain attacks, particularly those in the software supply chain, such as with package manager repositories like Python Package Index (PyPI). ReversingLabs continuously monitors the digital environment for suspect and known threats by scanning code repositories and integrated development environments for malicious or suspicious content to prevent the proliferation of bad software across an enterprise or into their partner networks.

Integration Updates
ReversingLabs Titanium Platform integrates with existing solutions, amplifying visibility into hidden objects, which helps to reduce incident response time for security analysts, while providing high priority and detailed threat information for hunters to take quick action. Recent updates include:

  • Endpoint Detection and Response (EDR): Updated Tanium integration provides comprehensive file reputation for Tanium customers
  • Threat Intelligence Platform (TIP) TIP: Updated Anomali integration provides extensive file reputation and enrichment, URL statistics, and ability to pivot with analysis
  • Sandbox: New Sandbox integrations with Cuckoo, Joe Security, and FireEye provide faster analysis, optimize Sandbox load
  • Security Information and Event Management (SIEM): Updated Splunk integrations for hash lookup and link from any hash in Splunk to the analysis platform
  • Security Orchestration, Automation, and Response (SOAR): Updated IBM Resilient integration

About ReversingLabs
ReversingLabs helps organizations to find and neutralize the enemy within. Providing advanced malware analysis and insights into destructive files and objects, ReversingLabs addresses the latest attacks, advanced persistent threats and polymorphic malware. ReversingLabs has become an essential threat solution across the most advanced security companies in the industry, while supporting all industries searching for a better way to get at the root of the web, mobile, email, cloud, app development and supply chain threat problem, of which files and objects have become major risk contributors.

Through its Titanium Platform, ReversingLabs delivers automated static analysis and file reputation services that represent the fastest and most accurate insights in the industry, finding the hidden objects that are armed to destroy enterprise business value. We maintain the largest repository of malware and goodware in the industry of more than 8 billion files and objects, and are the only vendor to speed analysis of files in milliseconds. ReversingLabs seamlessly integrates at scale across the enterprise with connectors that integrate with existing security investments, reducing incident response time for SOC analysts, while providing high priority and detailed threat information for hunters to take quick action. Learn more at https://www.reversinglabs.com, or connect on LinkedIn or Twitter.

Media Contact:
Alana Suko, Guyer Group
alana.suko@guyergroup.com

Is your business listed correctly on America’s largest city directory network of 1,000 portals?